Hello all,

I'm still fairly new to AM, and have a question. I'm just curious to
know what the best practice is for an AM protected application to trust
authentication via AM.

For example, if that application was accessible outside of Access
Manager (if the person happened to know the URL), what is the most
secure way to tell the application not to allow someone in unless Access
Manager authenticated them. I know you can pass headers, but those can
be forged. You can also pass credentials, but lets say the app is not
doing authentication.


adamdn01's Profile: http://forums.novell.com/member.php?userid=126372
View this thread: http://forums.novell.com/showthread.php?t=457345